AEP NACpoint The AEP NACpoint is a network admission control security appliance that protects networked resources against attack from unknown users and devices by authenticating users requesting LAN access, performing a node posture validation scan of clients, and placing offending clients in quarantine and enabling remediation. It includes agent or agentless remote vulnerability assessments and quarantine; automated or assisted user remediation; and enforcement at the switch or wireless access point.

AirMagnet Laptop Analyzer 7.0 AirMagnet Laptop Analyzer 7.0 provides a snapshot of the overall health of a wireless network, with information on signal strength, application alarms and individual devices. It protects against more than 130 wireless attacks, including rogue devices, DoS attacks, dictionary attacks, fake APs and RF jamming. With an overhauled user interface (UI) designed to simplify troubleshooting, the latest version streamlines access to a host of new features supporting emerging wireless technologies and protocols, ranging from 4.9 GHz to support for virtual APs and basic service set identifiers. Its new interference analysis section provides an enhanced understanding of how interference on all layers of the network is affecting wireless traffic.

Altiris SecurityExpressions 4.0 Altiris announced Altiris SecurityExpressions 4.0, available Feb. 22. SecurityExpressions helps organizations perform a complete vulnerability audit and remediates desktops, notebooks and servers. It is a scalable agentless and agent-based solution for deploying and managing enterprise system security policies, automatically auditing, deploying and enforcing system security policies across all Windows, UNIX and Linux systems. SecurityExpressions includes customizable industry best-practices policy files from well-known sources such as NSA, NIST, CIS and SANS, as well as policy files for regulations. Version 4 includes integration with Altiris Helpdesk Solution / Task Server and other CRM systems, as well as auditing support for Vista and x64, Solaris 10, AIX 5.3 and SuSE.

Altiris' ASecurityExpressions for Clients is $39 per node; SecurityExpressions for Servers is $895 per node.

Identisphere Applied Identity's Identisphere solution is a management platform consisting of policy management software, identity management middleware, and appliances. Identisphere integrates with existing identity management systems to define a common network authorization policy across all topologies and domains of an enterprise network. Identisphere defines network authorization policy in terms of user identity, which controls what resources user on the network can see and use. Identisphere will unify authorization policy management, by integrating with existing identity management infrastructure to create a single network authorization policy per user, even if user identities are spread across multiple enterprise identity domains.

Astaro Security Gateway Version 7 Astaro Security Gateway integrates nine security technologies that cover all aspects of security including network (firewall, VPN and intrusion protection), Web security (spyware protection, virus protection for the Web and content filtering), and email security (virus protection for email, spam protection, and phishing protection). Version 7 will introduce SSL VPN through the enhancement of existing remote access protocols such as IPsec, L2TP over IPsec, and PPTP tunneling with SSL VPN. It will enable the encryption, decryption and digital signature of emails, based on S/MIME and OpenPGP standards.

Hardware appliances start at $695 for an Astaro Security Gateway 110 for 10 users; software appliances start at $330 for a 10-user license.

Bivio 7000 Series Bivio Networks 7000 Series, available in Q2, is a family of compact, high-performance, fully programmable network appliances that combine packet processing hardware architecture with a software platform that includes a standard Linux-based execution environment and a comprehensive set of networking features. Designed to provide wire-speed deep packet processing, the Bivio 7000 Series architecture fuses network processing components with application processing. The family includes two main product groups, the B7100 and B7500, which provide performance-optimized features to deliver true line-rate packet processing from 3 Gbps to 10 Gbps throughput. Deploying next-generation IP services on Bivio 7000 Series platforms allows network equipment manufacturers, integrated system vendors, and federal GOTS/COTS systems integrators to deliver a 10 Gbps network appliance while reducing their time to market.

ModSecurity Pro M1000; BreachGate WebDefend Enterprise v2.0 ModSecurity is a Web application firewall that can be used for a wide range of functions including Web application monitoring, Web intrusion detection and prevention, as well as patching of known vulnerabilities. It can be used embedded into the Apache Web server, or stand-alone, with the ability to protect multiple Web servers of any type. BreachGate WebDefend Enterprise v2.0 protects Web applications from targeted Web attacks, filling the holes in network security to ensure that Web applications and the data behind them is secured. The latest enterprise version delivers a scalable enterprise architecture capable of managing large sensor deployments, enhancements to automated application profiling, and additional mechanisms for blocking attacks. WebDefend Enterprise addresses the needs of organizations managing large numbers of geographically disparate Web applications. The core of the architecture is a management server providing centralized event consolidation, user management, and command and control.

Centennial Security.Advisor Security.Advisor, an add-on module for Centennial Discovery 2006, detects and prioritizes network software and firmware vulnerabilities. Security.Advisor can pinpoint the exact location of security risks on the network, ranking them by criticality and volume. Vulnerabilities identified by Security.Advisor inlcude greynet applications (unwanted games, P2P applications, hacking tools, etc.) and software and firmware not on the latest patch. By comparing the live information in Centennial Discovery's asset repository against a comprehensive database of known threats, Security.Advisor helps administrators pinpoint risks down to individual PCs and devices.

Check Point VPN-1 UTM Check Point makes its first foray into the hardware business with the release of the Check Point VPN-1 UTM appliance, a box for mid-market businesses. Check Point sells an enterprise-grade VPN-1 UTM appliance called Edge, which runs on hardware from third-party partners like Nokia, IBM and Crossbeam. The appliance includes security features like a firewall, intrusion prevention technology, antivirus, antispyware, Web application firewall, VoIP security, instant messaging and peer-to-peer blocking, URL filtering and secure site-to-site and remote access connectivity. The box runs on the Check Point Secure Platform. It supports IPsec remote access connectivity for Windows, Linux and Mac OS X.

CSA 5.2 provides zero-update system integrity protection for critical servers that cannot be taken offline for patching. This is a host-based agent that reports to Cisco Management Center. Agents use HTTP and 128-bit SSL for the management interface and communication between agents and the management center.

Cloakware Server Password Manager Cloakware announced version 3 of Cloakware Server Password Manager (CSPM), which manages administrator and hard-coded application-to-application or application-to-database passwords. Version 3 manages passwords for Windows administrator and user accounts in domain and non-domain environments. It also updates Windows Services to use updated passwords. CSPM also supports Active Directory as a managed target application and manages passwords in Cisco routers. CSPM also provides a socket for customer-written or out-of-the-box connectors to target applications.

Defensics Platform Codenomicon announced its Defensics platform, software for developers, services providers and the enterprise that tests the security of IP and wireless systems, including VoIP, 3G, Bluetooth, email and digital media. The platform is supported by the Codenomicon Protocol Modeling Engine and the Codenomicon Attack Simulation Engine, which team to identify known and zero-day attacks.

Configuration Intelligence Configuresoft announces the release of its new Configuration Intelligence platform which helps enterprises correlate and report on system behavior. The new analytics in this product highlight trends in changes to operating systems, vendor products or machine groups, and correlates those changes and how they're related to system and security events. The platform also watches over patching processes and reports trends whether systems are compliant with proper patch levels. It can also evaluate compliance and patching improvements and whether groups or locations are compliant with policies. Organizations can also strategically use the analysis generated by the platform to roll out new initiatives, upgrade systems or move to new platforms.

ConSentry LANShield ConSentry announced an integration deal with Microsoft where NAP capabilities have been meshed with ConSentry's LANShield platform, which includes the LANShield Controller and LANShield Switch, to provide pre- and post-admission controls. Once NAP grants network access to an endpoint, the ConSentry platform enforces role-based access policies.

ConSentry LANShield Controller lists for $17,995 and the LANShield Switch lists for $13,995.

Determina Vulnerability Protection Suite Determina announced its Vulnerability Protection Suite will be available in the second quarter. The suite includes: Memory Firewall, which addresses vulnerabilities in system memory like buffer overflows; and LiveShield, which provides real-time protection against vulnerabilities without the need for reboots or downtime. New features include Vista agent support; process control, which enables admins to restrict software installations; and support for multiple Determina Management Consoles.

REM Security Management Console 3.3 eEye Digital Security's newest vulnerability management offering and end point solution provides a single point of visibility for security risk and event management. The new product includes advanced workflow capabilities to allow groups to collaborate on ongoing remediation efforts. It also now provides support for Blink Professional 3.0, Internet Explorer 7 and BMC Atrium Configuration Management Database. By integrating eEye's Retina and Blink Professional, users can get enterprise views into policy, vulnerability, attack data to respond quickly to incidents.

Meanwhile the company will refresh its endpoint protection solution, Blink Professional 3.0. The new version will incorporate two anti-virus protection technologies including virus signature fingerprinting. It also includes Sandbox scanning technology for advanced heuristics.

Pricing for REM Security Management Console begins at $4995 per management console server and up to 500 managed assets per year.

Entrust Etelligence Group Share Entrust unveils its new network folder encryption solution that stores and manages all folder settings and keys in an embedded or off-board SQL database. The Group Share Server distributes decryption keys to users once they have successfully authenticated. In addition, the system offers advanced audit capabilities with a Web-based administrator console allowing users to log, generate reports and manage folder and user permissions. It also supports Windows Authentication and is enabled through PKI integration. Users can manage permissions on data that has been backed up offsite.

Network Malware Control System v2.0 FireEye took the wraps off of the FireEye Network Malware Control System, v2.0. The FireEye Central Management System manages enterprise-wide FireEye deployments from a single centralized management appliance. FireEye protects against network-borne exploits, both known and unknown, and ensures only compliant, up-to-date machines are granted network access.

Vital Security Web Appliance Finjan announced the latest version of its Vital Security Web Appliance. Version 8.4.3 includes behavior-based security engine for detection and blocking of unknown threats; vulnerability Anti.dote for proactive protection against zero-day exploits and vulnerabilities using virtual patching; antispyware, antivirus, URL filtering, load-balancing and SSL inspection. Vital Security Web Appliance is available in several form factors depending on the size of company and number of users. and deployment options in accordance with each organization's needs.

A one year subscription for 1,000 users including Silver support is $15,000. Finjan also announced Finjan SecureBrowsing is a free service that proactively alerts you to potential malicious content hiding behind links of search results, ads and other selected Web pages.

Pricing for the FortiGate 224B is $3,995. The company offers software subscription services that include FortiGuard Antivirus, IPS, Web Filter, Anti-spam service with pricing starting at $719, depending on the service.

Gemalto Network Identity Manager Gemalto unveiled a microprocessor-based USB token, the Network Identity Manager (NIM), which can be used as a portable online security device for high-value transactions. The microprocessor embedded in the NIM powers a certificate-based mutual authentication process and direct-to-site tunneling so online sessions are protected from attacks present in the host PC. It also uses standard Internet protocols and security layers such as TLS, TCP/IP operating in the device itself. When inserted into a USB port, it opens its own secure browser window ands presents secure links to the user. Once the user selects its destination the NIM bypasses the PC to access the Internet address and authenticate the website. This provides security against phishing, pharming, spoofing and man-in-the-middle attacks. It does not require any downloads or middleware, officials said. The new device is positioned at portals, banks and other online businesses.

Pricing for the device will be in the $30-range depending on the volume and form factor.

Change Control Solution for Databases Guardium announced Change Control Solution for Databases, allowing IT organizations to centrally enforce change control policies for entire database environments, including changes to critical data and objects, both inside and outside the database, across multiple database platforms (Oracle, Microsoft, IBM DB2 and Informix, Sybase). The new product monitors and alerts on all changes to including database structures, data values, security and access control objects and database configuration files, environment and registry variables and associated executables. It is built on Guardium SQL Guard.

Scuba Imperva introduced Scuba, a free, lightweight Java tool that scans Oracle, DB2, MS-SQL, and Sybase databases for software vulnerabilities, including SQL injection and buffer-overflow flaws. It also detects configuration problems like insecure passwords, unsafe processes, unrestricted permission levels, and more. Scuba contains over 350 database assessment tests. Users can download Scuba from www.imperva.com/go/rsa and configure the software on their PC by entering the IP address, username and password of the database they want to assess. Within minutes, they can generate one of several comprehensive vulnerability and risk assessment reports in HTML and Java.

File System Connector Ingrian Networks announced File System Connector, which works in conjunction with Ingrian's DataSecure Platform. The DataSecure Platform includes the DataSecure appliance, a dedicated hardware product designed s for security and cryptographic processing. The appliance features an optional integrated FIPS 140-2 Level 3-compliant hardware security module, providing tamper-resistant protection of cryptographic keys.

Security Manager 5.6 Intellitactics releases version 5.6 of its Security Manager SIM offering at the RSA Conference this week. The new version includes the ability to automate the process of escalating alerts, alert investigation and gives analysts the ability to get a visual representation of the incident with a single click. Security Manager has hundreds of canned reports for regulatory compliance and also has an executive dashboard for senior management.

IronPort S650 IronPort Systems will be introducing two new appliances, one designed to secure Web traffic, and the other for inspecting email traffic. The IronPort S650 includes features such as URL filtering, reputation-based filtering and malware detection and prevention. The new box is able to monitor all network ports and uses the company's Web Reputation Filters, which evaluate the trustworthiness of a URL based on more than 50 separate parameters. The S650 relies on the company's own Dynamic Vectoring and Streaming engine and several signature types supplied by Webroot. IronPort also is unveiling its new X1050 email security appliance, designed for large enterprises and ISPs. Along with anti-spam and antivirus protection, the X1050 also includes the ability to filter mail senders based on their reputations. Pricing starts around $25,000 for the S650 and the X1050 pricing has not been finalized.

Open Space Security Kaspersky Lab is introducing Kaspersky Open Space Security (KOSS), that combines anti-virus, anti-spam, antispyware and protection against phishing and rootkits in one package. KOSS combines the use of traditional signature-based anti-virus technology with the ability to monitor system processes to look for malicious programs. The software also has separate policies for mobile devices, which automatically go into effect when the device is disconnected from the corporate network.

StealthWatch 5.6 Lancope's new version of its well-regarded StealthWatch network behavior analysis system, due in the first quarter, gives enterprises the ability to deploy a second StealthWatch appliance for active failover. Version 5.6 also includes a feature that shows the status of all of the active alarms on the system at any given time and gives administrators additional context about each incident. It also has improved performance and better flexibility in querying.

LyncRMS Lync Software later this year is planning to unveil LyncRMS, a comprehensive policy-enforcement and endpoint security offering for removable media and mobile devices, such as PDAs, USB drives, smart phones and even iPods. LyncRMS is designed to restrict the types of files and data that users can transfer to these devices, instead of restricting the device types. The software also can encrypt files moving to mobile devices, using 128- or 256-bit AES.

Data Loss Prevention 1.0 McAfee is announcing a new host-based product designed to prevent confidential information, intellectual property and other sensitive data from leaving the enterprise. McAfee Data Loss Prevention 1.0 is an agent-based offering that is meant to be deployed on every machine in a network and can stop users or attackers from extracting sensitive data via physical media such as CD-ROMs, USB drives and DVDs, as well as through applications such email, IM or Skype.

RazorGate for IBM BladeCenter Messaging security vendor Mirapoint introduces a version of its RazorGate appliance for the IBM BladeCenter. The new appliance includes the company's MailHurdle anti-spam technology, which drops the majority of unwanted messages at the mail gateway, as well as its policy enforcement and anti-virus capabilities. RazorGate for BladeCenter also includes a Web management console and support for SSH and SSL.

VF2110 Mistletoe Technologies has released its first SMB product, the VF2110, a security ASIC that includes numerous capabilities, such as firewall, VPN, DDoS protection, anomaly detection and spoofing detection. The chip supports up to two Gigabit Ethernet ports and can handle as many as 65,000 concurrent sessions. The VF2110 also includes anti-virus, antispam and URL filtering capabilities.

Security Intelligence Hub v2; nTellect for McAfee IntruShield nCircle is unveiling two new products, the Security Intelligence Hub v2, and nTellect for McAfee IntruShield. The Security Intelligence Hub is a vulnerability assessment and risk management offering that functions as a central reporting and management point which works in concert with nCircle's IP360 VA and management system. The nTellect offering also works with the IP360 to improve the accuracy and efficiency of the IntruShield IPS. The system can correlate attack information with vulnerability and application data in order to identify attacks that have a real chance of succeeding.

Identity and Access Management Module on NetContinuum's Application Controllers NetContinuum's Identity and Access Management module encompasses a suite of certificate management, authentication, authorization and single sign-on capabilities. The module can be used to implement basic authentication and authorization capabilities, including single sign-on, or to enhance the value that an enterprise gets from implementing IAM products like Computer Associates eTrust SiteMinder.

NetContinuum Application Controllers cost $33,000 to $55,000, depending on various software and platform options. For a limited time, the Identity and Access Management module is included in the price of the underlying Application Controller platform.

Netronome SSL Module The Netronome SSL Module is a programmable platform that enables the creation of intelligent, high-performance networking appliances. Operating at the flow level -- such as session or connection level, not just at the packet level -- it can inspect and manipulate flow content and can detect and decode a wide variety of standard application protocols. Applications that use the SSL Module can receive traffic via Virtual Network Interface The SSL Module is part of Netronome's Open Appliance architecture, which is a hardware and software solution geared toward ISVs, appliance manufacturers, and switch designers. The SSL Module is designed to help customers bring their products to market more quickly.

NitroView Enterprise Security Manager NitroView Enterprise Security Manager is a Network and Security Information Management solution that integrates network flow data with security event data within the same high-performance database, providing enterprises with both a real-time and forensic view into their network and security posture. NitroView offers detailed reporting of all activity, and performs analysis of and correlation between network anomalies, network flows, and security events generated by NitroGuard IPS, NitroView Receiver, and many other network and security devices.

Norman Sandbox Analyzer and Norman Sandbox Analyzer Pro Norman SandBox Analyzer is a tool to automate, simplify, and speed up the information-gathering process when analyzing executable files. It allows IT staff to quickly understand the file behavior and actual actions performed by suspicious files. The analyzer can be used as a command-line application, making it easier to build into existing solutions, or with a regular user interface, giving a fast and efficient view and management of files being analyzed.

Identity Manager 3.5Sentinel 6 Novell is previewing its Identity Manager 3.5, a user-provisioning and metadirectory software solution. This new version, which automates complex provisioning processes, features enhanced user provisioning, support for single sign-on, automatic password update capabilities, and a new compliance module. Novell also is previewing Sentinel 6, a new version of the security information management (SIM) software solution it acquired when it bought e-Security last year. The new version offers a single, real-time view of security and compliance activities across the enterprise. It provides enhancements to work flow, connectivity, auditing, and content.

Novell's Identity Manager 3.5 will be generally available in mid-March for $25 per user and $75,000 per server. Sentinel 6's base instance license costs $65,000, which includes the server, correlation engine, console and collectors for Windows Servers and Novell products, and a five-user Crystal reports license.

Ounce 4.2 Ounce 4.2 features the Ounce SmartAudit audit and compliance reporting facility. With SmartAudit, security analysts and risk managers access a series of audit reports that measure compliance with software security best practices and regulatory requirements. Using Ounce's comprehensive and accurate code analysis, each report features a compliance "report card," a detailed audit of non-compliant findings, and drill-down capabilities to the line of code.

PatchLink Enterprise Reporting 6.3PatchLink Patch Developers Kit PatchLink has announced the February 2007 release of two products. PatchLink Enterprise Reporting 6.3 is a customizable, centralized reporting solution that enables organizations to measure and manage all aspects of the patch and vulnerability management process. With Enterprise Reporting, organizations can accurately demonstrate the status of security and regulatory compliance with policy-based reports that support regulations such as Sarbanes-Oxley, HIPAA, FISMA and the European Directive, the company said in a statement. PatchLink Patch Developers Kit (PDK) extends the capabilities of PatchLink Update and allows organizations to deploy and patch custom applications, which are then automatically included in assessment, remediation, validation, and audit processes.

Pricing is $1,995 for server software and $2.50 per node. PDK Standard Edition is $8,695, while PDK Premier Edition is $12,700.

Threat Expert Threat Expert by PC Tools is an automated threat analysis system designed to analyze and report the behavior of computer viruses, worms, Trojans, adware, spyware, and other security-related risks. The system quickly processes a single threat, making it possible to generate up to a 1,000 highly detailed threat descriptions per server, per day. Threat Expert is currently being offered as a free service to social networking, content sharing and other companies needing to certify content before posting it online. The service is also offered to security companies.

PortWise 4.6 PortWise 4.6 is an Identity and Access Management product suite, available March 25, that allows enterprises to consolidate all of their access and identity requirements into one platform, resulting in reduced costs and increased security. The suite consists of three components: authentication, access, and identity federation. The authentication component allows enterprises to choose from a variety of authentication methods, including tokens, digital certificates, biometrics, and static passwords. The access component enables users to access any type of application using SSL VPN technology.

NeXpose version 4.5 and the Enterprise Module The latest release of Rapid7's vulnerability management product, NeXpose version 4.5, provides enterprise-level support capabilities for increased performance and reliability. NeXpose 4.5 features the Enterprise Module, which supports Oracle environments with large-scale scanning, high-performance throughput and ease-of-maintenance based on IT best practices. Organizations achieve comprehensive, enterprise-level scanning and data storage while leveraging the advantages of their Oracle infrastructure, such as the enterprise database, server clustering, and functionality.

Enhanced Reflex Command Center Reflex Security announced the release of its Enhanced Reflex Command Center, an enterprise security management device that combines the functionality of identity management, security information management and IPS management into a single appliance. The vendor said it has integrated these applications into a single appliance by leveraging its experience with security virtualization. In the Enhanced Reflex Command Center, Reflex has bundled third-party security applications and integrated them into the VMWare ESX virtualization platform. Building on its alliance with VMWare, Reflex has partnered with Apere to provide identity management, and with eIQ networks for security information management.

The product will be available in the second quarter of 2007, and the base price will be $7,500.

RSAM 5.0 Relational Security announced the release of RSAM 5.0, integrating with Relational Security's new assessment and reporting modules. With the release of the RSAM 5.0 Suite, customers may now use the new RSAM findings module to capture incidents, ad-hoc issues, specific vulnerability data from scans, and other forms of information that do not conform to a questionnaire, the vendor said. The RSAM findings module integrates with the core RSAM product features, such as workflow, permission assignment, data import, and email notification.

Personal Protector Safend announced the release of Personal Protector, a free consumer product that prevents unauthorized access to user data via all physical communications ports and blocks any unrecognized device. Based on Safend's Digital Membrane technology, Personal Protector is downloaded and locally installed on individual PCs and laptops, enabling users to have control over who connects what to the computer's physical ports, the vendor said. Personal Protector leverages existing security schemes to eliminate all port access, except for devices like your mouse and keyboard. Password authentication is required to authorize the use of peripheral devices for either one-time or ongoing connection and multi-tiered antitampering features ensure that only the computer's authorized user can revise policy settings.

SearchAhead ScanSafe announced the release of SearchAhead, a corporate safe search feature that allows customers to apply their Web filtering policy when users conduct Internet searches on Google, Yahoo! and MSN. The product allows companies to centrally manage and alert users on safe Web surfing behavior. Customers will be provided with an option to enable SearchAhead as a feature of the service. SearchAhead will annotate search results for all users and provide guidance on acceptable or unacceptable Web sites that are based on the customer's Web filtering policy, the vendor said. SearchAhead is an extension and adaptation of a free service called Scandoo, launched earlier this year by ScanSafe. This service classifies search results based on the presence of malware or unwanted content using red, amber or green symbols, in traffic light fashion, in accordance with their danger level.

Security Explorer 6.0 ScriptLogic announced the release of Security Explorer 6.0, a device that provides real-time, interactive management of access controls and security on Windows NT/2000/XP/2003 file servers and workstations. Security Explorer gives the IT professional the power to manage, search, duplicate, backup and recover permissions and security across the network from a point-and-click interface, the vendor said. Security Explorer simplifies management of NTFS file and folder security, file shares, services, printer access, registry security and scheduled tasks, ensuring that access to privileged information is restricted on Windows servers and workstations, and playing a key role in standardizing security management across the entire Windows network, ScriptLogic added.

Security Explorer is available for $419 per server before volume discounts. Workstation licenses will start at $4 per workstation before volume discounts.

Sidewinder Version 7.0 Secure Computing has announced that Sidewinder Version 7.0, an enhanced edition of its perimeter security appliance, will be released March 1. Sidewinder 7.0 incorporates real-time global intelligence from its TrustedSource service, so that it is capable of making security decisions based on the real-time scored behavior of billions of IP addresses worldwide Key enhancements in Sidewinder 7.0 include new hardware platforms; enhanced unified policy management; deep inspection of encrypted protocols; and deep application security controls over VoIP traffic. It also features bi-directional antivirus, antispyware; antispam; IPS and URL security filtering.

Eight appliances are available, ranging from a base price of $1,500 to $75,900.

Security Framework 4.0 Secuware announced the release of Security Framework (SSF) 4.0, with four integrated modules that control access to information, access to devices, integrity of executables, and deliver event logs and audit trails. The product applies 256-bit encryption to all designated data, applications and devices; can be tightly integrated with Windows, directly updating the Active Directory schema; prevents users from connecting to unauthorized hardware devices such as USB drives; and limits the action that may be taken with protected information, such as screen capture or hard-copy printing.

Sentrion 2.0 Sendmail announced the release of Sentrion 2.0, the second generation of its email gateway security appliance. The product is designed to protect the enterprise from external security threats and internal compliance violations. It is built on a hardened operating system, SentriOS, which is tuned for performance for email applications. The product features three Sendmail software products running on a hardened Linux appliance. In addition to providing anti-spam, anti-virus, and zero-hour anti-virus protection, the Mailstream Manager policy engine also provides email content policy enforcement with built-in HIPAA and GLBA compliance engines and clientless encryption capabilities. The recently patented Sendmail Flow Control completes the Sentrion offering, providing built-in denial-of-service attack prevention, IP reputation service for prioritizing system resources, directory harvesting attack prevention and backscatter spam defense.

The base price is $18,200 for the 1U model and $26,000 for the 2U model.

NodalCore C-3000-EX Sensory Networks is releasing the NodalCore C-3000-EX, a content security acceleration card designed for use in network and security appliances. NodalCore C-3000-EX is the first in the product family compatible with PCI-Express (PCIe), and delivers content scanning throughput up to 3 Gbps.

Network access control server Sophos is demonstrating its network access control server, which is scheduled to be made available in April. The offering includes a security policy server, a control agent to assess compliance with policy and Web agent for guests and contractors. It interfaces with existing directory services such as LDAP or Active Directory and allows policies to be created using predefined library of applications. In the future, Sophos will integrate network access control as part of an expanded security and control capability for enterprises of all sizes.

The product will be sold as a subscription, which includes all support and upgrades during the license period.

StillSecure "Complete NAC" StillSecure has announced the availability of what it calls Safe Access "Complete NAC" trust-and-verify software that combines pre-connect NAC with flexible post-connect NAC. The software ensures Windows and non-Windows devices are tested before gaining network access, and provides continuous monitoring of network traffic from a device after access has been granted. Safe Access Complete NAC offers inline and out-of-band enforcement options. In either scenario, post-connect sensors are installed throughout the network. When a sensor detects suspicious traffic emanating from an endpoint, it instructs Safe Access to quarantine the device in real-time.

Network Access Control Symantec is extending its Network Access Control software product to include agentless NAC assessment, Mac OS X agent support, and an integrated 802.1X supplicant. The addition of Symantec Network Access Control Scanner's agentless assessment functionality provides enterprises with a third means to evaluate endpoints connecting to their networks.

Nessus 3i Tenable Network Security will release its Nessus 3i scanner appliance, which evaluates a company's network security and identifies any existing security vulnerabilities. The Nessus 3i scanner appliance is supported by Tenable's Nessus 3 software, a library of vulnerability checks on the market, which is used in a vulnerability audit.

Deep Security Third Brigade is announcing its Deep Security host-based intrusion defense system. The system includes the Deep Security Manager, a centralized management system that allows administrators to apply security profiles to hosts, and track threats and preventive actions taken in response to them. Detailed reports document attempted attacks and provide an auditable history of security configurations and changes. Also included is Deep Security Agent, a host-based software component that includes a deep packet inspection engine. The agent monitors incoming and outgoing traffic for protocol deviations, content that signals an attack and policy violations. When necessary, the agent intervenes and neutralizes the threat by blocking the malicious traffic. Third Brigade Security Center is also included and provides information on the latest vulnerabilities, and security updates that shield these vulnerabilities and reduce risk. The product will be made available in April.

NAC tool TippingPoint, a division of 3Com, is releasing a new access control tool that determines what devices and users are allowed on the network, what resources they are allowed to use, and how this can be controlled and enforced through policy management. The NAC tool uses the TippingPoint Intrusion Prevention System (IPS),which compliments NAC's 'point-in-time check' with the IPS's continuous endpoint traffic check for as long as the endpoint is on the network. The tool provides soft enforcement through a software overlay or via 802.1x, or use enforcement actions from TippingPoint's Security Management System.

TippingPoint's access control will be generally available in February for less than $50 per endpoint.

TriGeo SIM v4.0 TriGeo Network Security is releasing its TriGeo SIM v4.0, a real-time security information and event management appliance that automatically identifies and responds to network attacks, suspicious behavior and policy violations. The system provides log analysis, event correlation and USB detection and prevention. TriGeo SIM actively defends the network with hundreds of targeted correlation rules and active responses that include the ability to quarantine, block, route and control services, processes, accounts and privileges. The system includes the appliance, a 50-node/agent license, unlimited consoles, training, one full year of toll-free support. The product scales to thousands of nodes.

Tripwire Enterprise 6.0 Tripwire has announced the release of Tripwire Enterprise 6.0, the latest edition of its software package designed to help enterprises detect when configuration changes may be unauthorized or violate security policy. The software detects and analyzes changes on a wide array of network devices, file systems, directory servers, databases, middleware and applications, and reconciles it against existing policies and IT service management systems. Key features of the new version include testing and reporting of critical IT process controls, change type and severity classification including out-of-band changes, reconciliation techniques, and numerous customizable online reports and dashboards.

SafeGuard RemovableMedia Utimaco U.S.A., a business unit of Utimaco Safeware AG, has announced the release of SafeGuard RemovableMedia, security software designed to secure the data on removable memory media, including USB memory sticks, memory cards, external hard drives, floppy disks and CDs/DVDs. The product offers a data encryption procedure that runs unseen by users. It also allows users to extract files from a memory stick to another portable device or PC, and to read and work with them safely even if no encryption software is installed on their system.

Extended Validation SSL Certificates VeriSign Inc. has announced the availability of its Extended Validation SSL Certificates, enabling Web site providers to validate the authentication of their organizations, domains and requestors. The certificates interact with the latest Web browsers, such as Internet Explorer 7, to provide a visual cue--turning the URL field of the browser green--when the presence of a certificate is detected. The offering relies on Microsoft's store of certificate authority trusted roots, which must meet the requirements set forth by the CA/Browser Forum.

The offering has a base price of $895 annually and includes 24/7 support.

Vontu 7M Vontu has announced the release of Vontu 7, the latest version of its software suite for protecting enterprise data at rest, in motion and on network endpoints. New capabilities include content-aware monitoring of data copied to USB drives and other removable storage devices, data-at-rest discovery features, Asian language detection and enhanced workflow and reporting capabilities. The suite is comprised of the Vontu Network Monitor and Vontu Network Prevent for data in motion, Vontu Discover and Vontu Protect for data at rest, and Vontu Endpoint Monitor for data at the endpoint. It is compatible with Windows 2003 Server and Windows XP.

Based on technology from Websense's acquisition of PortAuthority Technologies, the appliance is designed to prevent accidental, intentional or malicious exposure of confidential and private data such as patient data, customer credit card numbers, sales projections or product source code and plans. The product protects confidential information through widespread coverage of possible leak points and discovery of hosts, networks and data-at-rest. It also enforces leak prevention on outbound and internal data-in-motion, endpoints and laptops, plus USB and portable media devices.

ZyWall-2WG; SSl-10 ZyXel Communications has announced the release of the ZyWall-2WG mobile Internet security appliance for remote offices and SOHOs, and the SSL-10 appliance for small and medium-sized organizations. The ZyWall-2WG offers a built-in firewall, VPN and mobility support for 3G and 802.11 Wi-Fi devices. It also supports WAN backup, load-balancing failover and bailback. The SSL-10 offers an integrated SSL-VPN and firewall, enabling secure and clientless remote access to the resources on the corporate network.

E-Handbook

0 comments

E-Mail

Username / Password

Password

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy